Avoid a potential overread in x509_constraints_parse_mailbox() - openbsd - A mirror of https://github.com/libressl/openbsd.git

diff options

author	deraadt <>	2021-09-26 14:07:09 +0000
committer	deraadt <>	2021-09-26 14:07:09 +0000
commit	a1d75ef500e825541180bdb19831512601dd5a76 (patch)
tree	9a5c4bb124b8307001aa26f467fdb657d3f47c6e /src/lib/libcrypto/cms
parent	5a34adb042399d80d343b9a7e7a0e6873f5e0c49 (diff)
download	openbsd-a1d75ef500e825541180bdb19831512601dd5a76.tar.gz openbsd-a1d75ef500e825541180bdb19831512601dd5a76.tar.bz2 openbsd-a1d75ef500e825541180bdb19831512601dd5a76.zip

Avoid a potential overread in x509_constraints_parse_mailbox()

The length checks need to be >= rather than > in order to ensure the string remains NUL terminated. While here consistently check wi before using it so we have the same idiom throughout this function. Issue reported by GoldBinocle on GitHub. ok deraadt@ tb@ this is 6.8 errata 031

Diffstat (limited to 'src/lib/libcrypto/cms')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: